Unfortunately just grabbing the Windows binaries off the squid website and following their instructions won't work for everyone, but it only takes a small number of simple configuration changes to get it going. If you take the easy path and grab my modified install of squid (with those changes applied), it's a piece of cake.
So what is squid or a caching proxy in general? The
squid website says:
"Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages."
So why would you want to use it? From my experience, if you are in any of the following situations:
- You want your browsing to be snappy in general (helps on cable/ADSL too!)
- You are shaped and want better performance when browsing your frequently-visited sites
- You are about to get shaped and want to reduce your quota consumption
- You are on a flaky, high-latency or slow connection (e.g. laptop Wi-Fi, wireless broadband, dial-up)
While it is true that your web-browser most definitely has an internal cache, you'll likely get a noticeable improvement in perceived latency due to squid's DNS caching. On top of that, I find squid picks up 25% of traffic that my install of Firefox doesn't cache, misses or expires.
:: Downloading squid for Windows ::
You have two choices:
1. Download my config-prepared version of squid 2.7:
Link (2MB)
2. or grab the latest "Standard" Stable binary from:
Link
What's the difference? If you pick the second choice, you'll need to do some minor config editing which I've already done for you in my version.
:: Unpacking squid ::
Whichever file you downloaded, the zip file should have the "squid" folder already embedded so unpack it to
C:\ so that all of the files appear under
c:\squid (and not
c:\squid\squid). If you unpack the files elsewhere, the rest of my instructions won't work as I've written them (the Windows binaries have the paths hardcoded by default).
If you've grabbed my version of squid, you don't have any editing to do and should skip to the next section ("Preparing squid"). If you grabbed the official version, you'll need to do the following:
1. Navigate to
c:\squid\etc in Explorer.
2. Rename all of the whatever
.conf.default files to whatever
.conf (i.e. remove the
.default suffix).
3. Edit
c:\squid\etc\squid.conf in a text-editor.
4. Search for
TAG: visible_hostname
5. There should be a block of comments starting with # . After the comments, add the line:
visible_hostname localhost
6. Now search for
http_access allow manager localhost
7. Don't modify the line, but below it add the line:
http_access allow localhost
That's it.
:: Preparing squid ::
Now we need to make squid's swap directories, which will contain all the cache data:
1. Open up
Command Prompt (Start -> Run -> cmd.exe)
2. Navigate to
c:\squid\sbin ( execute:
cd /d c:\squid\sbin )
3. Run:
squid -z
It should now create swap directories like so:
If it fails with "Abnormal Termination" or similar, then something went wrong. Don't proceed any further if this is so. Step through the tutorial again or grab my version of squid if you didn't.
:: Configuring browser ::
If you have Firefox, find your way to the Network
Connection Settings menu and add IP
127.0.0.1 with port
3128 as a proxy like so:
For Internet Explorer, you can do the same via the
LAN Settings in
Internet Options like so:
(You can undo these steps at any time if you get rid of squid in future or if it's causing problems)
Now try to view a website.
It should fail.
That's good, it just means there's nothing already running on squid's port, which is what we want. We can now get the proxy up and running in the next section.
:: Testing squid ::
With the prompt still open, run:
squid -X
The
-X switch just tells squid to stay attached to the prompt and show heaps of output. You should see a whole heap of text, and then squid will look like it's paused like this:
With the prompt still open with squid running, try to browse in Firefox or Internet Explorer. It should work this time round. Great!
Now hold
CTRL and then
C to terminate the squid session.
:: Finalising squid ::
Now we wrap it up so that squid is launched automatically when Windows starts.
Again with the prompt still open, run:
squid -i -n squid -O "-D"
It should now output success:
You can now reboot to get squid to run in the background, or alternatively launch the service manually just this once:
net start squid
The tutorial is now complete. You can now enjoy the benefits of a local web proxy cache and snappy browsing!
:: Serving a LAN ::
The tutorial was written to show how one would run and use squid locally. This is because the typical desktop machine isn't necessarily on 24/7 to allow other machines to have proxy access. If your situation differs and you wish to allow other machines to connect, it's fairly simple to achieve.
1. Open up
c:\squid\etc\squid.conf in a text-editor.
2. Search for:
10.0.0.0/8
You'll see several 'allow' rules for different networks/subnets:
If one of these IP ranges corresponds to your LAN then you don't need to alter the configuration file. Otherwise, simply add a new rule for your network (or modify the existing ones). The "192.168.0.0/16" template would be the best to build from for most purposes. Once you've made the configuration change, restart the squid server (either reboot or perform:
net stop squid followed by
net start squid).
Now just restep through the "Configuring Browser" step earlier in the tutorial for the other machines, but put the LAN IP of the squid server in. Ready to work!
:: Uninstalling/Reverting ::
If you need to remove squid for whatever reason (don't need it, it doesn't work), you should:
1. Remove the proxy settings you entered in your browser so that you can browse normally
2. Stop the squid service if it's running:
net stop squid
3. Disable the squid service permanently:
c:\squid\sbin\squid -r -n squid
4. Delete the squid folder
Posted 07:02pm 26/6/08
Posted 07:07pm 26/6/08
Posted 07:16pm 26/6/08
^ You might want to read the rest of the tutorial, I discussed that briefly :)
Basically the proxy's DNS caching helps heaps (of course you could DNS cache other ways if you wanted to), plus catching what the browser hasn't cached. I installed squid when I was in Sydney roaming on a wireless broadband modem and it really made browsing much less painful.
The tutorial tells you how to, yes.
last edited by parabol at 19:16:57 26/Jun/08
Posted 07:14pm 26/6/08
Posted 08:06pm 26/6/08
i run dnscache under linux and it rocks.
i do run squid under linux and make squid use my local dnscache, it works lots better then squid alone.
Posted 09:16am 27/6/08
integrates into AD, does content filtering and proxying, awesome shizzles
Posted 09:44am 27/6/08
yeah, it is pretty neat. i recently set up squid as a reverse proxy to take load off an extremely busy web server.
sustained throughput from the cache was 90meg/s
Posted 10:00am 27/6/08
Posted 10:05am 27/6/08
Posted 10:27am 27/6/08
sexy graphs.
got an export of your templates?
Posted 10:37am 27/6/08
You have to forward the OIDs for squid through to the squid SNMP service, net-snmp or windows SNMP won't pick it up. With Windows SNMP it's a bit tricky since you can't do forwarding so I had to install net-snmp which forwarded the squid OIDs to squid and the other OIDs to the Windows SNMP service which was running on a different port.
last edited by TicMan at 10:37:51 27/Jun/08
Posted 11:38am 27/6/08
Setup lan proxy so when viewing vids it should help a heap
Posted 11:43am 27/6/08
Posted 11:45am 27/6/08
Posted 12:11pm 27/6/08
Allowed me to do some cool stuff like show users how much data they've used today on the intranet so they can be more aware of the impact their browsing has etc.
Posted 12:11pm 27/6/08
Posted 12:28pm 27/6/08
Posted 12:29pm 27/6/08
Posted 12:31pm 27/6/08
Posted 12:38pm 27/6/08
Posted 12:53pm 27/6/08
Posted 02:59pm 27/6/08
Posted 03:07pm 27/6/08
(1024MB max swap)
EDIT: you might also want to change maximum_object_size to make sure big-ish stuff gets cached.
last edited by parabol at 15:07:33 27/Jun/08
Posted 03:03pm 27/6/08
cache_dir it is the same setting for location.
Posted 03:15pm 27/6/08
Posted 03:53pm 27/6/08
Posted 12:07am 28/6/08
3. Run: squid -z <<<< boy did that give me nightmares, found 1 obscure mention of it on a site.
so Props to that in the tutorial, lots i found didnt mention that at all.
Posted 07:13am 29/6/08
Posted 12:18pm 29/6/08
Posted 07:23pm 30/6/08
Nm...seems to have come right on its own.
last edited by Twisted at 19:23:21 30/Jun/08
Posted 09:07pm 15/7/08
2. Ive got a list of blocked sites. How do I import the ips?
Posted 09:34pm 15/7/08
I have no idea what all that means, but does this help?
http://www.mail-archive.com/squid-users@squid-cache.org/msg43483.html
I've never done it, like this?
http://www.debian-administration.org/articles/399
Posted 09:51pm 15/7/08
having issues with the blocked sites, prolly not finding ths blocked list file.
Posted 12:39pm 17/7/08
Posted 12:53pm 17/7/08
http://www.privoxy.org/
(the FAQ is very informative)
Posted 05:42pm 17/7/08
Posted 06:17pm 17/7/08
Posted 06:38pm 17/7/08
Posted 06:42pm 17/7/08
Posted 07:51pm 17/7/08
acl dynamic_sites dstdomain .youtube.com
acl dynamic_sites dstdomain .facebook.com
acl dynamic_sites dstdomain .ausgamers.com
acl dynamic_sites dstdomain .google.com
cache allow dynamic_sites
I put that before hierarchy_stoplist cgi-bin ? in the config file. Getting a lot more cache hits now.
About 20%-25% of hits to sites like Google and Facebook, etc now use the cache. I think by default Squid won't cache any dynamic site stuff at all (not even the static images and stuff on dynamic sites).
Posted 08:03pm 25/7/08
Posted 08:27pm 25/7/08
It just started happening out of the blue. Dell.com , yahoo.com and various other sites are unviewable until I put them on the proxy bypass list :/
Posted 12:46am 26/7/08
Posted 12:26am 03/10/08
can u help me...
for ur attention, thank's so much
Posted 08:02pm 13/1/09
Posted 08:59pm 13/1/09
squid -i -n squid -O "-D"
Error message is:
OpenSCManager failed
Trying under Vista 32
**EDIT** btw, I cut and pasted the line from tute, so no syntax error with that letter O being replaced by zero or whatever
**EDIT x2** the problem was UAC. I put the following lines in batch file and ran as admin
Posted 10:08pm 13/1/09
Posted 06:41pm 14/1/09
ERROR
The requested URL could not be retrieved
--------------------------------------------------------------------------------
While trying to process the request:
GET /echarts?s=%5EHSI HTTP/1.1
Accept: */*
Referer: http://finance.yahoo.com/q?s=%5EHSI
Accept-Language: en-us
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; T312461; Q312461; User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; http://bsalsa.com) ; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 1.1.4322)
Host: finance.yahoo.com
Connection: Keep-Alive
Cookie: B=34gdhcl380mj5&b=4&s=6u; SO=v=0.4&t=1220840008; YLS=v=1&p=0&n=0; F=a=DHGd26U[snip]; Q=q1=AACAAAAAAAAAAA--&q2=RtaGOg--; U=mt=_mNT5p2MhYr.aBYuRy1Q8AX5y55Zc2xTk8vC&ux=TgLTHB&un=fnurouvvt0pnc; LYC=l_v=0&l_lv=10&l_s=q40r3wyrzuztuy5u0uxwyzu103wyt4t4&l_um=0_0_1_0_0; C=mg=1; DNR=1; cna=NlNrADAIvVoBAQbxPgrzDsQ9; ystat_cn_bc=1892624151692278399; PH=fn=YlJNTyAhO8uRgXmw&l=en-US; YSC=0; BA=ba=14227&ip=202.82.16.59&t=1231906832; Y=v=1&n=0s9rn9v9q0e5c&l=a8m8_7adp/o&p=m24vvhk413000300&iz=&r=3v&lg=en-US&intl=us&np=1; T=z=GHFb[snip]; RT=s=1231906851103&u=&r=http%3A//www.yahoo.com/; PRF=cd=symbol%3A%5Ehsi_%40range%3A1y_%40indicator[snip]; TT=tick1=0&tick2=0&tick3=1
The following error was encountered:
Invalid Request
Some aspect of the HTTP Request is invalid. Possible problems:
Missing or unknown request method
Missing URL
Missing HTTP Identifier (HTTP/1.0)
Request is too large
Content-Length missing for POST or PUT requests
Illegal character in hostname; underscores are not allowed
Your cache administrator is webmaster.
Can anyone help please?
Thanks
last edited by Jim at 08:49:26 15/Aug/09
Posted 05:30pm 15/1/09
Posted 08:46am 15/8/09
Yahoo.com mail seems to went ok now, but there is still something wrong, when I login to hotmail I get this:
ERROR
The requested URL could not be retrieved
While trying to process the request:
GET /default.aspx?n=270930736&wa=wsignin1.0 HTTP/1.1
Host: mail.live.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: wlidperf=throughput=7&latency=442&FR=L&ST=1232346993754; PPLState=1; RPSTAuth=EwDYARAnAAA[snip]; MSNPPAuth=B6KPFLgn3FEbiZ2[snip]; MH=MSFT; NAP=V=1.8&E=78f&C=gjp[snip]; ANON=A=208E92978701E5887161FB82FFFFFFFF&E=7e9&W=1
Cache-Control: max-age=0
The following error was encountered:
* Invalid Request
Some aspect of the HTTP Request is invalid. Possible problems:
* Missing or unknown request method
* Missing URL
* Missing HTTP Identifier (HTTP/1.0)
* Request is too large
* Content-Length missing for POST or PUT requests
* Illegal character in hostname; underscores are not allowed
ANd when I reply to some sites I get :
ERROR
The requested URL could not be retrieved
While trying to process the request:
POST /my/message_process.asp HTTP/1.1
Host: hongkong.asiaxpat.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://hongkong.asiaxpat.com/my/message_post.asp?reply=17283037
Cookie: ASPSESSIONIDCASAQRST=HLCICMACJLJNOEOJPLABCGHL; __utma=120978705.1921639512.1232351733.1232351733.1232351733.1; __utmb=120978705; __utmc=120978705; __utmz=120978705.1232351733.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); AsiaXPAT=UserID=522710&AuthID=FA119C0D%2DCF0C%2D4846%2D9192%2DEE38776DDB36&save=True
Content-Type: multipart/form-data; boundary=---------------------------265001916915724
Content-Length: 1907
-----------------------------265001916915724
Content-Disposition: form-data; name="range"
S
-----------------------------265001916915724
Content-Disposition: form-data; name="users"
saadkhan
-----------------------------265001916915724
Content-Disposition: form-data; name="title"
re:iphone 2G 8G
-----------------------------265001916915724
Content-Disposition: form-data; name="message"
The best price I can do for you is $2600 because the shop will give me $2500 for the full set.
-----------------
January 19
The following error was encountered:
* Invalid Request
Some aspect of the HTTP Request is invalid. Possible problems:
* Missing or unknown request method
* Missing URL
* Missing HTTP Identifier (HTTP/1.0)
* Request is too large
* Content-Length missing for POST or PUT requests
* Illegal character in hostname; underscores are not allowed
Your cache administrator is webmaster.
Generated Mon, 19 Jan 2009 08:06:03 GMT by localhost
The proxy is on the DMZ zone and the firewall is pointed to squid proxy on the DMZ zone. Everthing is let out so I don't know why we get this errors? Can anybody help?
Thanks
last edited by Jim at 08:49:50 15/Aug/09
Posted 10:25pm 20/1/09
My problem is very simple - Squid was giving me DNS resolution errors erratically for common domains like google.com and hotmail.com
They were absolutely erratic, no pattern at all. Obviously these domains are well-used and would therefore be in the cache - I can't understand why Squid can find them sometimes and not others.
Also what I have found is that Squid doesn't seem to like much pressure. I use SnapLinks addon for Firefox which allows you to open multiple links by selecting them with a right-click and drag rectangle. If I open more than 20 links (an amount that Firefox handles fine) then Squid seems to have a proxy-meltdown.
Anyway, that's my experience, maybe it will send some dude one way or another.
**EDIT** FYI, when I deleted my squid dir it was 110MB - so presumably caching a reasonable amount which is good.
Posted 04:56pm 31/1/09
Posted 05:15pm 31/1/09
Haven't looked into it since putting them on the proxy bypass list.
Posted 02:19pm 02/2/09
Posted 03:57pm 21/4/09
can u help me with plotting graphs with cacti plss !! i need to find out hw much bandwidth is getting saved using this squid option.
Thanks for ur help!
Posted 04:23pm 21/4/09
Or add those templates to Cacti, allow SNMP in Squid and connect the two together. I don't have access to a working Cacti or Squid environment anymore so can't offer too much more than that.
Posted 06:22pm 21/4/09
Posted 12:39am 15/8/09
Find out your gateway IP/DNS Servers on your PC
go to start > run > type in cmd and hit enter
type in ipconfig
and it will bring a list up like
http://i32.tinypic.com/25ggz1j.jpg
Then add this to squid.confg
http://i30.tinypic.com/2nh21ie.jpg
And save.
go into start > run > type cmd and hit enter
type in net stop squid
type in net start squid
then it should work :)
Yes just make sure is forward to port 3128 as squid's default
1st. Click Start, click Run, type cmd, and then click OK
2nd. Type proxycfg -p localhost:3128, and then press ENTER
Note: Replace "localhost" to your squid server so for e.g 192.168.1.42:3128
Posted 07:11am 15/8/09
Posted 08:43am 15/8/09
if your web browsing is so heavy that it completely saturates your connection constantly resulting in congestion for your game traffic, it might help you some. I doubt this is the case though